Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

SUSE — Vulnerabilities & Security Advisories 185

Browse all 185 CVE security advisories affecting SUSE. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by SUSE:RancherSUSE Linux Enterprise Server 12neuvectoropenSUSE Tumbleweedopen build servicesupportutilsopenSUSE FactorylibzyppSUSE Linux Enterprise Server 15SUSE Linux Enterprise High Performance Computing 15-ESPOSSUSE Linux Enterprise Module for SUSE Manager Server 4.2SUSE Linux Enterprise Server 11-SP4-LTSSContainer suse/manager/5.0/x86_64/server:5.0.4.7.19.1Studio onsiteContainer suse/manager/5.0/x86_64/server:5.0.2.7.8.1harvesterSUSE Linux Enterprise Desktop 15 SP5SUSE Linux Enterprise ServerSUSE Linux Enterprise Server 11SUSE Linux Enterprise Module for Desktop Applications 15-SP1SUSE Enterprise Storage 5SUSE Manager Server 4.1SUSE CaaS Platform 4.5LonghornSUSE Linux Enterprise Server 12-SP5SUSE Linux Enterprise Server 15 SP1Container suse/manager/5.0/x86_64/server:5.0.5.7.30.1SUSE Linux Enterprise Micro 5.3SUSE Linux Enterprise Server for SAP 15hackweek
CVE IDTitleCVSSSeverityPublished
CVE-2020-8023 Local privilege escalation from ldap to root when using OPENLDAP_CONFIG_BACKEND=ldap in openldap2 — SUSE Enterprise Storage 5CWE-349 7.7 High2020-09-01
CVE-2020-8025 outdated entries in permissions profiles for /var/lib/pcp/tmp/* may cause security issues — SUSE Linux Enterprise Server 12-SP4CWE-279 6.1 Medium2020-08-07
CVE-2019-3681 osc: stores downloaded (supposed) RPM in network-controlled filesystem paths — SUSE Linux Enterprise Module for Development Tools 15CWE-73 7.5 High2020-06-29
CVE-2020-8019 syslog-ng: Local privilege escalation from new to root in %post — SUSE Linux Enterprise Debuginfo 11-SP3CWE-61 7.7 High2020-06-29
CVE-2020-8022 User-writeable configuration file /usr/lib/tmpfiles.d/tomcat.conf allows for escalation of priviliges — SUSE Enterprise Storage 5CWE-276 7.7 High2020-06-29
CVE-2020-8018 User owned /etc in SLES15-SP1-CHOST-BYOS — SUSE Linux Enterprise Server 15 SP1CWE-276 8.4 High2020-05-04
CVE-2019-18905 Deprecated functionality in autoyast2 automatically imports gpg keys without checking them — SUSE Linux Enterprise Server 12CWE-345 4.8 Medium2020-04-03
CVE-2019-18904 Migrations requests can cause DoS on rmt — SUSE Linux Enterprise High Performance Computing 15-ESPOSCWE-400 6.5 Medium2020-04-03
CVE-2018-17954 crowbar provision leaks admin password to all nodes in cleartext — SUSE OpenStack Cloud 7CWE-269 9.3 Critical2020-04-03
CVE-2020-8017 race condition on texlive-filesystem cron job allows for the deletion of unintended files — SUSE Linux Enterprise Module for Desktop Applications 15-SP1CWE-367 6.2 Medium2020-04-02
CVE-2020-8016 race condition in the packaging of texlive-filesysten — SUSE Linux Enterprise Module for Desktop Applications 15-SP1CWE-367 4.9 Medium2020-04-02
CVE-2019-3696 pcp: Local privilege escalation from user pcp to root through migrate_tempdirs — SUSE Linux Enterprise High Performance Computing 15-ESPOSCWE-22 8.4 High2020-03-03
CVE-2019-3695 pcp: Local privilege escalation from user pcp to root — SUSE Linux Enterprise High Performance Computing 15-ESPOSCWE-94 8.4 High2020-03-03
CVE-2019-18903 wicked: Use-after-free when receiving invalid DHCP6 IA_PD option — SUSE Linux Enterprise Server 12CWE-416 7.5 High2020-03-02
CVE-2019-18902 wicked: Use-after-free when receiving invalid DHCP6 client options — SUSE Linux Enterprise Server 12CWE-416 7.5 High2020-03-02
CVE-2020-8013 permissions: chkstat sets unintended setuid/capabilities for mrsh and wodim — SUSE Linux Enterprise Server 12CWE-59 2.2 Low2020-03-02
CVE-2019-18901 mysql-systemd-helper allows setting 640 permissions of arbitrary files — SUSE Linux Enterprise Server 12CWE-59 5.1 Medium2020-03-02
CVE-2019-18897 Local privilege escalation from user salt to root — SUSE Linux Enterprise Server 12CWE-59 8.4 High2020-03-02
CVE-2019-3698 nagios cron job allows privilege escalation from user nagios to root — SUSE Linux Enterprise Server 12CWE-59 5.7 Medium2020-02-28
CVE-2017-14806 Insecure handling of repodata and packages in SUSE Studio onlite — Studio onsiteCWE-295 3.7 Low2020-01-27
CVE-2017-14807 SQL injection in ui-server/app/models/diary_entry.rb in SUSE Studio onsite — Studio onsiteCWE-89 8.1 High2020-01-27
CVE-2018-20105 yast2-rmt exposes CA private key passhrase in log-file — SUSE Linux Enterprise Server 15CWE-532 4.0 Medium2020-01-27
CVE-2018-12476 obs-service-extract_file's outfilename parameter allows to write files outside of package directory — SUSE Linux Enterprise Server 15CWE-23 4.3 Medium2020-01-27
CVE-2019-18900 libzypp stores cookies world readable — CaaS Platform 3.0CWE-276 4.0 Medium2020-01-24
CVE-2019-3693 Local privilege escalation from user wwwrun to root in the packaging of mailman — SUSE Linux Enterprise Server 11CWE-59 7.7 High2020-01-24
CVE-2019-3692 Local privilege escalation from user news to root in the packaging of inn — SUSE Linux Enterprise Server 11CWE-59 7.7 High2020-01-24
CVE-2019-3687 "easy" permission profile allows everyone execute dumpcap and read all network traffic — SUSE Linux Enterprise ServerCWE-276 4.0 Medium2020-01-24
CVE-2019-3691 Local privilege escalation from user munge to root — SUSE Linux Enterprise Server 15CWE-59 7.7 High2020-01-23
CVE-2019-18898 trousers: Local privilege escalation from tss to root — SUSE Linux Enterprise Server 15 SP1CWE-59 7.7 High2020-01-23
CVE-2019-3686 XSS in distri and version parameter in openQA — openQACWE-79 6.5 Medium2020-01-17

This page lists every published CVE security advisory associated with SUSE. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.